Simplify the query and update qldoc

2026-04-30 03:05:15 +02:00 · 2021-01-28 03:02:53 +00:00
parent 32c54628f8
commit 6a93099b64
2 changed files with 2 additions and 4 deletions
--- a/java/ql/src/experimental/Security/CWE/CWE-522/InsecureLdapAuth.qhelp
+++ b/java/ql/src/experimental/Security/CWE/CWE-522/InsecureLdapAuth.qhelp
@@ -26,7 +26,7 @@
    </li>
    <li>
      Oracle:
-      <a href="https://docs.oracle.com/javase/tutorial/jndi/ldap/simple.html">Simple authentication consists of sending the LDAP server the fully qualified DN of the client (user) and the client's clear-text password</a>
+      <a href="https://docs.oracle.com/javase/tutorial/jndi/ldap/simple.html">Simple authentication</a>
    </li>
  </references>
 </qhelp>
--- a/java/ql/src/experimental/Security/CWE/CWE-522/InsecureLdapAuth.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-522/InsecureLdapAuth.ql
@@ -202,13 +202,11 @@ where
  sink.getNode().asExpr() = va and
  exists(BasicAuthFlowConfig bc, DataFlow::PathNode source2, DataFlow::PathNode sink2 |
    bc.hasFlowPath(source2, sink2) and
-    source2.getNode().asExpr().(CompileTimeConstantExpr).getStringValue() = "simple" and
    sink2.getNode().asExpr() = va
  ) and
  not exists(SSLFlowConfig sc, DataFlow::PathNode source3, DataFlow::PathNode sink3 |
    sc.hasFlowPath(source3, sink3) and
-    source3.getNode().asExpr().(CompileTimeConstantExpr).getStringValue() = "ssl" and
-    sink3.getNode().asExpr() = va.getVariable().getAnAccess()
+    sink3.getNode().asExpr() = va
  )
 select sink.getNode(), source, sink, "Insecure LDAP authentication from $@.", source.getNode(),
  "LDAP connection string"